Tuesday, June 21, 2016

Convert Oracle Solaris 11.3 Native (Non-Global) Zone to a Kernel Zone

I think more and more people will start using Kernel Zone and I have a feeling that will soon be the only zone that Solaris will offer soon. So, I thought I would show how to convert a none-global zone into a kernel zone.


Create archive of existing zone

# zoneadm list -vc
  ID NAME       STATUS     PATH             BRAND      IP   
   0 global     running    /                solaris    shared
   1 helios     running    /zones/helios    solaris    excl 
   2 artemis    running    /zones/artemis   solaris    excl 

# archiveadm create -z artemis /var/tmp/artemis.uar
Initializing Unified Archive creation resources...
Unified Archive initialized: /var/tmp/artemis.uar
Logging to: /system/volatile/archive_log.7907
Executing dataset discovery...
Dataset discovery complete
Creating install media for zone(s)...
Media creation complete
Preparing archive system image...
Beginning archive stream creation...
Archive stream creation complete
Beginning final archive assembly...
Archive creation complete
# archiveadm info -v /var/tmp/artemis.uar
Archive Information
          Creation Time:  2016-06-21T12:30:51Z
            Source Host:  atlas
           Architecture:  i386
       Operating System:  Oracle Solaris 11.3 X86
       Recovery Archive:  No
              Unique ID:  bd4c3056-52f6-4d74-b049-9039aad4aa22
        Archive Version:  1.0

Deployable Systems
             OS Version:  0.5.11
              OS Branch:
              Active BE:  solaris-7
                  Brand:  solaris
            Size Needed:  3.6GB
              Unique ID:  b9cc8f53-6260-4372-99ba-ede593895a90
               AI Media:  0.175.3_ai_i386.iso
              Root-only:  Yes

Create new Kernel Zone

Create the zone configuration file and alter it to your liking:
# zonecfg -z apollo create -t SYSsolaris-kz
I used the above to get a skeleton and then modified it to get what I wanted:
  • Bare metal host is using link aggregation (lower-link=trunk0)
  • Bare metal host uses VLAN so I let the zone do all the work (set vlan-id=29)  
  • Using ISCSI as my root disk (set storage=iscsi, set bootpri=0, set id=0)
  • Adding another ISCSI disk to this zone (set storage=iscsi, set id=1)
  • Capping memory and cpus ( set physical=12G, set ncpus=4)
# zonecfg -z apollo export
create -b
set brand=solaris-kz
set autoboot=false
set autoshutdown=shutdown
set hostid=0x778c5d85
add anet
set lower-link=trunk0
set allowed-address=193.x.x.x/24
set configure-allowed-address=true
set defrouter=193.x.x.245
set link-protection=mac-nospoof
set mac-address=random
set vlan-id=29
set id=0
add device
set storage=iscsi:///target.iqn.2016-04.uk.ac.bbk.dcs:dss.lv0009,lun.0
set bootpri=0
set id=0
add device
set storage=iscsi:///target.iqn.2016-04.uk.ac.bbk.dcs:dss.lv0010,lun.0
set id=1
add capped-memory
set physical=12G
set pagesize-policy=largest-available
add virtual-cpu
set ncpus=4
Start the install:
  • "-x install-size=24G" The size of the rpool it will create for Solaris
  • "-c /tmp/apollo.xml" get the system configuration settings from the profile file (see sysconfig)
  • add "-x force-zpool-create=rpool" if this NOT your first attempt to install this zone. Which tells the system that YES there is a zone already on this disk and YES I want to overwrite it.
# zoneadm -z apollo install -a /var/tmp/artemis.uar -x install-size=24G -c /tmp/apollo.xml
Progress being logged to /var/log/zones/zoneadm.20160621T145705Z.apollo.install
[Connected to zone 'apollo' console]
Boot device: cdrom2  File and args: /platform/i86pc/kernel/amd64/unix -B install=true -B aimanifest=/system/shared/ai.xml -B profile=/system/shared/sysconfig/
reading module /platform/i86pc/amd64/boot_archive...done.
reading kernel file /platform/i86pc/kernel/amd64/unix...done.
SunOS Release 5.11 Version 11.3 64-bit
Copyright (c) 1983, 2016, Oracle and/or its affiliates. All rights reserved.
Jun 21 14:57:27 auditd[15]: getaddrinfo() failed[node name or service name not known].
Jun 21 14:57:27 auditd[15]: adt_get_local_address couldn't get 26 addrlist socket: Address family not supported by protocol family: Bad file number.
Jun 21 14:57:27 auditd[15]: adt_get_local_address failed, no Audit IP address available, faking loopback for  and error Network is down.
Remounting root read/write
Probing for device nodes ...
Jun 21 14:57:28 auditd[35]: getaddrinfo() failed[node name or service name not known].
Jun 21 14:57:28 auditd[35]: adt_get_local_address failed, no Audit IP address available, faking loopback for  and error Network is down.
Jun 21 14:57:29 auditd[46]: getaddrinfo() failed[node name or service name not known].
Jun 21 14:57:29 auditd[46]: adt_get_local_address failed, no Audit IP address available, faking loopback for  and error Network is down.
Jun 21 14:57:30 auditd[52]: getaddrinfo() failed[node name or service name not known].
Jun 21 14:57:30 auditd[52]: adt_get_local_address failed, no Audit IP address available, faking loopback for  and error Network is down.
Jun 21 14:57:30 auditd[56]: getaddrinfo() failed[node name or service name not known].
Jun 21 14:57:30 auditd[56]: adt_get_local_address failed, no Audit IP address available, faking loopback for  and error Network is down.
Preparing image for use
Done mounting image
Configuring devices.
Hostname: solaris
Using specified install manifest : /system/shared/ai.xml
Using specified configuration profile(s):  /system/shared/sysconfig/

solaris console login:
Automated Installation started
The progress of the Automated Installation will be output to the console
Detailed logging is in the logfile at /system/volatile/install_log
Press RETURN to get a login prompt at any time.

14:57:50    Install Log: /system/volatile/install_log
14:57:50    Using XML Manifest: /system/volatile/ai.xml
14:57:50    Using profile specification: /system/volatile/profile
14:57:50    Starting installation.
14:57:50    0% Preparing for Installation
14:57:50    100% manifest-parser completed.
14:57:50    100% None
14:57:51    0% Preparing for Installation
14:57:51    1% Preparing for Installation
14:57:51    2% Preparing for Installation
14:57:51    3% Preparing for Installation
14:57:52    4% Preparing for Installation
14:57:52    5% archive-1 completed.
14:57:52    6% install-env-configuration completed.
14:57:52    9% target-discovery completed.
14:57:53    Pre-validating manifest targets before actual target selection
14:57:53    Selected Disk(s) : c1d0
14:57:54    Pre-validation of manifest targets completed
14:57:54    Validating combined manifest and archive origin targets
14:57:54    Selected Disk(s) : c1d0
14:57:54    9% target-selection completed.
14:57:54    10% ai-configuration completed.
14:57:54    10% var-share-dataset completed.
14:57:58    10% target-instantiation completed.
14:57:58    10% Beginning archive transfer
14:57:58    Commencing transfer of stream: b9cc8f53-6260-4372-99ba-ede593895a90-0.zfs to rpool
14:58:06    18% Transferring contents
14:58:08    23% Transferring contents
14:58:15    28% Transferring contents
14:58:17    37% Transferring contents
14:58:21    40% Transferring contents
14:58:23    43% Transferring contents
14:58:29    50% Transferring contents
14:58:31    51% Transferring contents
14:58:33    56% Transferring contents
14:58:35    64% Transferring contents
14:58:39    68% Transferring contents
14:58:41    76% Transferring contents
14:58:45    80% Transferring contents
14:58:47    88% Transferring contents
14:58:48    Completed transfer of stream: 'b9cc8f53-6260-4372-99ba-ede593895a90-0.zfs' from file:///system/shared/uafs/OVA
14:58:51    Archive transfer completed
14:59:00    89% generated-transfer-1234-1 completed.
14:59:00    89% Beginning IPS transfer
14:59:00    Setting post-install publishers to:
14:59:00        solaris
14:59:00            origin:  http://pkgs.xx.xx.xx.uk/
14:59:00    89% generated-transfer-1234-2 completed.
14:59:00    Changing target pkg variant. This operation may take a while
15:02:52    90% apply-pkg-variant completed.
15:02:52    90% update-dump-adm completed.
15:02:52    90% setup-swap completed.
15:02:52    90% device-config completed.
15:02:53    91% apply-sysconfig completed.
15:02:53    91% transfer-zpool-cache completed.
15:02:57    96% boot-archive completed.
15:02:58    Setting boot devices in firmware
15:02:58    98% boot-configuration completed.
15:02:59    98% update-filesystem-owner-group completed.
15:02:59    98% transfer-ai-files completed.
15:03:00    98% cleanup-archive-install completed.
15:03:00    100% create-snapshot completed.
15:03:00    100% None
15:03:00    Automated Installation succeeded.
15:03:00    You may wish to reboot the system at this time.
Automated Installation finished successfully
The system can be rebooted now
Please refer to the /system/volatile/install_log file for details
After reboot it will be located at /var/log/install/install_log

[NOTICE: Zone halted]
[Connection to zone 'apollo' console closed]
        Done: Installation completed in 353.178 seconds. 
# zoneadm list -vc
  ID NAME      STATUS     PATH            BRAND      IP   
   0 global    running    /               solaris    shared
   1 filesrv   running    -               solaris-kz excl 
   2 mailer2   running    /zones/mailer2  solaris    excl 
   - apollo    installed  -               solaris-kz excl 

# zoneadm -z apollo boot
# zlogin -C -e\@ apollo
[Connected to zone 'apollo' console]
Loading smf(5) service descriptions: 65/65
Configuring devices.
WARNING: fastboot_update_config failed, disabling deferred dump
Hostname: artemis
apollo console login: @.

The following show you are on a bare-metal machine that can run kernel zones:
# virtinfo
NAME            CLASS    
non-global-zone supported
kernel-zone     supported

# zlogin apollo
apollo:# format < /dev/null
Searching for disks...done

       0. c1d0
       1. c1d1

apollo:# zfs list
NAME                              USED  AVAIL  REFER  MOUNTPOINT
rpool                            12.8G  10.4G  33.5K  /rpool
rpool/ROOT                       4.59G  10.4G    31K  legacy
rpool/ROOT/solaris-7             4.59G  10.4G  2.43G  /
rpool/ROOT/solaris-7/var         2.09G  10.4G  2.09G  /var
rpool/VARSHARE                   2.52M  10.4G  2.43M  /var/share
rpool/VARSHARE/pkg                 63K  10.4G    32K  /var/share/pkg
rpool/VARSHARE/pkg/repositories    31K  10.4G    31K  /var/share/pkg/repositories
rpool/VARSHARE/zones               31K  10.4G    31K  /system/zones
rpool/dump                       6.19G  10.6G  6.00G  -
rpool/export                     99.5K  10.4G    32K  /export
rpool/export/home                67.5K  10.4G    32K  /export/home
rpool/export/home/rootuser       35.5K  10.4G  35.5K  /export/home/rootuser
rpool/swap                       2.06G  10.5G  2.00G  -

A quick way to find out what type of zone you are in:
apollo:# virtinfo
NAME            CLASS    
kernel-zone     current  
non-global-zone supported
I know it is a quick step-by-step quide, but hope it helps others.

No comments: